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(Q) Computer network. 



@ Each computer system of the computer network according to the present invention has a manage- 
ment infonmation storage portion for storing information with respect to an access authority in 
accordance with ah owner ID and a conversion rule storage portion for storing a rule for converting the 
formats of a user ID and an access authority. Each computer system adds a machine ID to a user ID and 
sends the resultant ID to another computer system when a remote access request Is issued. In addition, 
the computer system detennines whether or not the fomnats of the user ID and the access authority 
being received accord with those of a local computer system when a remote access is accepted. The 
computer system converts the fonnats of the user ID and the access authority being received into those 
of the local computer system in accordance with a predetermined conversion rule when the formats of 
the local computer system are not matched with those on the remote computer system. Thereafter, the 
computer system compares the user ID and the access authority whose formats have been converted 
with irrfonmation of the access authority stored in the access authority storage portion and determines 
whether or not to execute the remote access. 
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The present invention relates to a computer net- 
work for connecting a plurality of computer systems 
through a communication medium and a method of 
accessing files thereof. 

Thus far, there has been a computer network 5 
where the user of a computer system can remotely 
access a file that another computer system has with- 
out necessity of a complicated log-on procedure. 

The file access in such a computer network is per- 
formed under condition that a user ID and an access io 
authority on the request side are matched with those 
on the accept side. 

However, when the computer type on the request 
side differs from that on the accept side, because of 
differences of the formats of the user ID and the is 
access authority, the computer system on the access 
accept side may not con-ectly determine the validity of 
an access request from the computer system on the 
access request side. In this case, the computer sys- 
tem on the request side has to perfonm a particular 20 
procedure so as to validly access a file that the conn- 
puter system on the accept side has. Thus, the advan- 
tage of the remote access is lost. 

Therefore, an object of the present Invention is to 
provide a computer network for validly performing a 25 
remote access of files even If the formats of the user 
ID and the access authority on the access request 
side differ from those on the access accept side. 

To accomplish such an object, the computer net- 
work according to the present invention comprises a 30 
computer netwoik connected with a plurality of conv 
puter systems through a communication medium for 
accessing files that the plurality of computer systems 
have from all of the plurality of computer systems, 
each of the plurality of computer systems comprising 35 
access authority information storage means for stor- 
ing infonnnation with respect to an access authority in 
accordance with an owner ID, means for adding a 
machine ID to a user ID and for sending the resultant 
IDtoanothercomputersystemof the plurality of conr>- 40 
puter systems when a remote access request is 
issued, means for determining whether or not the for- 
mats of the user ID and the access authority being 
received accord with those of a local computer system 
of the plurality of computer systems when a remote 45 
access is accepted, means for converting the formats 
of the user ID and the access authority being received 
Into those of the local computer system of the plurality 
of computer systems in accordance with a predeter- 
mined conversion rule when the fomnats of the local so 
computer system are not matched with those on the 
remote computer system, and means for comparing 
the user ID and the access authority whose formats 
have been converted with information of the access 
authority stored in the access authority storage 55 
means and for detemnining whether or not to execute 
the remote access. 

Thereby, according to the present invention, even 



if the formats of the user ID and the access authority 
on the access request side differ from those on the 
access accept side, remote files can be validly acces- 
sed. 

Fig. 1 is a block diagram showing an overall con- 
struction of a computer network of an embodi- 
ment according to the present invention; 
Fig. 2 is a schema showing a tree construction of 
a file group that a computer system has; 
Fig. 3 is a schema describing relations of file 
groups that two computer systems have; 
Fig. 4 is a table outlining informatbn with respect 
to access authority; 

Fig. 5 is a table outlining a conversion rule; 
Fig. 6 is a flow chart showing a flow of a process 
for issuing an access request; 
Fig. 7 is a fiow chart showing a flow of a process 
for detenmining the validity of a file access; and 
Fig. 8 is a flow chart showing a flow of a process 
perfonmed when a remote access request is 
accepted. 

Fig. 1 is a block diagram showing an overall con- 
struction of a computer network of an embodiment 
according to the present invention. 

In the figure, reference numeral 10 is a communi- 
cation medium. Reference numerals 20, 30, and 40 
are computer systems which are connected each 
other through the communication medium 10. The 
computer system 20, 30, 40 is connected with a file 
storage portion 21. 31,41 forstoring a plurality of files, 
a management information storage portion 22, 32, 42 
for storing infonmation necessary for managing a file 
access, a conversion rule storage portion 23, 33. 43 
for storing a conversion rule for compensating differ- 
ences of the fonmats of a user ID and an access 
authority in accordance with a computer type, and a 
keyboard/CRT 24. 34. 44. 

The management infonmation storage portion 22, 
32, 42 stores a path to each file stored in the file stor- 
age portion 21, 31, 41. A file group stored in the file 
storage portion 21.31, 41 is identified by a path which 
is routed from "ROOT* disposed at the top of the tree 
construction to a directory d. Thus, the path to a file 
f1 is represented with 7d1/d11/fir, 

In this computer networi^, files that other corrv 
puter systems have can be treated as those that a par- 
ticular computer system has. For example, assume 
that two computer systems have respective file 
groups in a tree construction as shown in Fig. 3. In 
such a construction, the operator of one computer 
system A declares that the directory d2 is the same as 
the directory dri between the tree construction of the 
file group which the computer system A has and that 
which the computer system B has. Thus, the conrv 
puter system A can treat a sub file group in the direc- 
tory dri or below of a file group that the computer 
system B has as a file group in the directory d2 or 
below that the computer system A has. 
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The management information storage portion 22, 
32, 42 stores information with respect to access 
authority of each file as infonmation for determining 
the validity of executing a file access. 

Fig. 4 is a table outlining information with respect 5 
to access authority. In other words, the infomriatlon 
with respect to access authority is composed of an 
owner ID (a personal ID and a group ID) of each file 
and an access authority type (for example, read, 
write, delete, move, and execute) pemiltled to the io 
owner ID. 

In addition, the management information storage 
portion 22. 32. 42 stores a user ID (a personal ID and 
a group ID) which Is used to request a file access. 

In such a construction, a problem takes place is 
when the fonmat of the access authority on the access 
request side differs from that on the access accept 
side due to difference of computer types and the like 
therebetween. For example, when the access 
authority of one computer system and that of another 20 
computer system are set with respect to five types 
"read, write, delete, move, and execute" and three 
types "read, write, and execution", respectively, since 
the access authority on one side does not match that 
on another side, a file access cannot be validly per- 25 
fonmed. 

To prevent that, in the embodiment according to 
the present invention, the conversion rule storage por- 
tion 23. 33. 34 stores a conversbn rule. Fig. 5 shows 
a table outlining a conversion rule with respect to the 30 
access authority. In other words, in the conversion 
rule, the access request types "delete and move" 
issued from the computer system B to the computer 
system A are substituted into the access authority 
type "write" by the computer system A. 35 

In addition, the conversion rule storage portion 
23, 33, 43 also stores another conversion rule for 
compensating a difference between the format of the 
user ID on one side and that on the other side. 

For example, assume that the user ID is rep- 4o 
resented with 16 bits in the computer system A and 
with 32 bits in the computer system B. In this case, as 
the conversion rule that the computer system A has. 
a data mapping rule with respect to an ID reading 
memory area for treating 32 bit data as 1 6 bit data is 45 
defined, while as another conversion rule that the 
computer system B has, another mapping rule for 
treating 16 bit data as 32 bit data is defined. 

A file access portion 100 of the computer system 
20, 30. 40 is functionally categorized as a local access 50 
portion 1 10 for executing a file access in a local com- 
puter system and a remote access portion 120 for 
executing a remote file access with another computer 
system. 

Then, with reference to Figs. 6 to 8, a file access 55 
operation in the computer network according to the 
present invention will be described. 

As shown In Fig. 6, when the computer system 20 



issues a file access request, the file access portion 
1 00 looks Into the presence of a desired file in the file 
storage portion 21 thereof in accordance with infor- 
mation stored in the management Information storage 
portion 22 (in the step 601). 

When the file access portion 100 found the des- 
ired file in the local computer system 20, it obtains a 
personal user ID and a group user ID from the man- 
agement infonmation storage portion 22 as shown in 
Fig. 7 (in the step 701). 

Thereafter, the file access portion 100 looks into 
an owner ID (a personal ID and a group ID) stored in 
the management information storage portion 22 (in 
the step 702), 

Thereafter, the file access portion 100 compares 
the personal ID of the user ID with that of the owner 
ID (in the step 703), When they are matched, the file 
access portion 100 references the access authority in 
accordance with the owner personal ID (in the step 
704), 

Thereafter, the file access portion 100 looks Into 
the presence of the type of the real access request 
which ismatched with one of the types of the access 
authority being referenced (in the step 705). When the 
file access portion 100 found the type of the access 
authority which was matched, it accepts the file 
access (in the step 706). 

When the file access portion 100 could find the 
type of the access authority which was matched or 
when it found that the personal ID of the user ID did 
not accord with that of the owner ID, it compares the 
group ID of the user ID with that of the owner ID (in 
the step 707). 

When the group ID of the user ID is matched with 
that of the owner ID, the file access portion 100 refer- 
ences the access authority in accordance with the 
owner group ID (In the step 708). 

Thereafter, the file access portion 100 looks into 
the presence of the type of the real access request 
which is matched with one of the types of the access 
authority being referenced (In the step 709). When the 
file access portion 100 found the type of the access 
authority which was matched, It accepts the file 
access (in the step 706). 

When the file access portion 100 could not find 
the type of the access authority which was matched 
or when it found that the personal IDofthe userlDdid 
not accord with that of the owner ID in the step 707, 
it references another type of the access authority (in 
the step 710). 

Thereafter, the file access portion 100 looks into 
the presence of the type of the real access request 
which is matched with one of the types of the access 
authority being referenced (in the step 71 1). When the 
file access portion 100 found the type of the access 
authority which was matched, it accepts the file 
access (In the step 706). When the file access portion 
100 could not find the type of the access authority 
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which was matched, it prohibits the file access (in the 
step 712). 

When the file access portion 100 determined that 
the desired file was present in another computer sys- 
tem 30, 40 in the step 601, it adds a machine ID of the 
local computer system 20 to the user ID (the personal 
to and the group ID) in the management information 
storage portion 22 (in the step 602) and then sends 
them to another computer system 30, 40 so as to 
Issue a remote access request (In the step 603). 
Thereafter, the file access portion 100 enters a 
standby state for waiting for a response from the other 
computer system 30, 40. 

The file access portion 100 of the other computer 
system 30, 40 which accepted the remote access 
request receives the user ID (in the step 801) and 
looks into the machine ID from the user ID being 
received (in the step 802). 

Thereafter, the file access portion 100 deter- 
mines the fomiats of the user ID and the access 
authority in accordance with the machine ID (in the 
step 803). 

Thereafter, the file access portion 100 deter- 
mines whether or not the formats being determined 
are matched with those of the local computer system 
(in the step 804). 

When the file access portion 100 detemiined that 
the fonnats were not matched, it converts the formats 
of the user ID and the access authority stored in the 
conversion rule storage portion 33, 43 into those of 
the local computer system 30, 40 (in the step 805). 

Thereafter, the file access portion 100 deter- 
mines whether or not to accept the file access in the 
procedure shown in Fig. 7 in accordance with the user 
ID and the access authority where their formats have 
been converted (in the step 806). 

Thus, according to the computer network of the 
present invention, even if the formats of the user ID 
and the access authority of one computer system 20, 
30, 40 differ from those of the other computer system 
20, 30, 40, by compensating the differences with the 
conversion rules, a remote file access can be validly 
perfonmed without necessity of a special procedure. 



Claims 

(1) A computer network connected with a plurality 
of computer systems through a communication 
medium for accessing files that said plurality of conv 
puter systems have from all of said plurality of com- 
puter systems, each of said plurality of computer 
systems comprising: 

access authority information storage means 
for storing information with respect to access authority 
in accordance with an owner ID; 

means for determining whether or not a fonmat 
of said user ID and said access authority being 



received accord with a format of own user ID and own 
access authority when a remote access is accepted; 

means for converting the format of said user ID 
and said access authority being received Into the for- 

5 mat of own user ID and own access authority in 
accordance with a predetermined conversion mle 
when the format of own user ID and access authority 
is not matched with the fonnnat of said user ID and said 
access authority being received. 

10 means for comparing said user ID and said 

access authority whose fonr^at has been converted 
with information of said access authority stored in said 
access authority storage means and for determining 
whether or not to execute said remote access. 

IS (2) A computer network connected with a plurality 

of computer systems through a communication 
medium for accessing files that said plurality of conrv 
puter systems have from all of said plurality of com- 
puter systems, each of said plurality of computer 

20 systems comprising: 

access authority information storage means 
for storing information with respect to access authority 
in accordance with an owner ID; 

means for adding a machine ID to a user ID and 

25 for sending the resultant ID to another computer sys- 
tem of said plurality of computer systems when a 
remote accest request is issued; 

means for detemnining whether or not a format 
of said user ID and said access authority being 

30 received accord with a format of own user ID and own 
access authority when a remote access is accepted; 

conversion rule storage means for storing a 
rule for converting a format of said user ID and said 
access authority; 

35 means for converting the fonmat of said user ID 

and said access authority being received into the for- 
mat of own user ID and access authority In accord- 
ance with a conversion rule stored in said conversion 
rule storage means when the format of own user ID 

40 and access authority is not matched with the format 
of said user ID and said access authority being 
received; and 

means for comparing said user ID and said 
access authority whose format hat been converted 

45 with information of said access authority stored in said 
access authority storage means and for determining 
whether or not to execute said remote access. 

(3) The computer network as set forth in claim 1, 
wherein each of said plurality of computer systems 

50 further comprises means for determining whether or 
not a file with respect to an access request Is present 
in own computer system and for requesting a remote 
access when the file is not present 

(4) The computer network as set forth in claim 2, 
55 wherein each of sakJ plurality of computer systems 

further comprises means for determining whether or 
not a file with respect to an access request is present 
in own computer system and for requesting a remote 
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access when the file is not present 

(5) A file access method of remotely accessing a 
file among a plurality of computer systems connected 
through a communication medium, said method com- 
prising the steps of: s 

adding a machine ID to a user ID and for send- 
ing the resultant ID to another computer system of 
said plurality of computer systems when a remote 
access request is issued in said plurality of computer 
systems; io 

detenmining whether or not a format of said 
user ID and said access authority being received 
accord with a fomnat of own user ID and own access 
authority when a remote access is accepted in said 
plurality of computer systems; is 

converting the format of said user ID and said 
access authority being received into the fomiat of own 
user ID and own access authority in accordance with 
a predetenmined conversion rule when the fonmat of 
own user ID and access authority is not matched with 20 
the format of said user ID and said authority being 
received; and 

comparing said user ID and said access 
authority whose fonmat has been converted with infor- 
mation of said access authority stored in said access 25 
authority storage means and for determining whether 
or not to execute said remote access. 

(6) The file access method as set forth in claim 5, 
wherein said method further comprises the step of 
determining whether or not a file of which an access 30 
request is issued in one of said plurality of computer 
systems is present in own computer system and for 
issuing a remote access request when the file is not 
present in own computer system. 

35 
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FIG. 2 
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FIG. 4 
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FIG. 6 
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FIG. 8 
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@ Computer network. 

@ Each computer system of the computer net- 
work according to the present invention has a 
management information storage portion for 
storing infomniation with respect to an access 
authority in accordance with an owner ID and a 
conversion rule storage portion for storing a 
rule for converting the fomnats of a user ID and 
an access autiiorlty. Each computer system 
adds a machine ID to a user ID and sends the 
resultant ID to another computer system when a 
remote access request is Issued. In addition, the 
computer system detenmines whether or not the 
formats of the user ID and tiie access authority 
being received accord with those of a local 
computer system when a remote access is ac- 
cepted. The computer system converts the for- 
mats of tiie user ID and the access authority 
being received into those of the local computer 
system in accordance with a predetermined 
conversion rule when the fonmats of tiie local 
computer system are not matched with those on 
the remote computer system. Thereafter, the 
computer system cc»npares the user ID and the 
access authority whose formats have been con- 
verted with infonmation of the access autiiority 
stored in the access autiiority storage portion 
and determines whetiier or not to execute tiie 
remote access. 
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